CVE-2021-38121

HIGH

NetIQ Advance Auth <6.3.5.1 - Info Disclosure

Title source: llm

Description

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.  This issue affects NetIQ Advance Authentication versions before 6.3.5.1

References (1)

Scores

CVSS v3 8.3
EPSS 0.0004
EPSS Percentile 12.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

Classification

CWE
CWE-326
Status published

Affected Products (8)

microfocus/netiq_advanced_authentication < 6.3
microfocus/netiq_advanced_authentication
microfocus/netiq_advanced_authentication
microfocus/netiq_advanced_authentication
microfocus/netiq_advanced_authentication
microfocus/netiq_advanced_authentication
microfocus/netiq_advanced_authentication
microfocus/netiq_advanced_authentication

Timeline

Published Aug 28, 2024
Tracked Since Feb 18, 2026